<?php
// Registration endpoint. Handles POST requests whose "action" field is
// "saveUser" or "saveCompany", validates the submitted fields, writes rows via
// $db->insert(), and echoes a short status string ("true", "empty",
// "user_taken", ...) for the caller to interpret.
// Database, checkstrname() and VerifyMailAddress() are not defined in this file.
//
// NOTE(review): security points visible in this script:
//  - $username and $companyCode come straight from $_POST and are interpolated
//    into SQL text. Nothing in this file escapes them, so unless
//    Database::query() sanitises internally (not visible here, and unlikely for
//    a raw SQL string) this is SQL injection. Use prepared statements with
//    bound parameters.
//  - Passwords are stored as md5($password): unsalted and fast to brute-force.
//    Move to password_hash()/password_verify(); the login code (not shown)
//    must change in the same step.
//  - The captcha comparison is commented out in both branches, so no
//    anti-automation check is visible on either action.
//  - Neither insert result is checked, and "true" is echoed before the write.
$db = new Database;
session_start();
if(isset($_POST['action'])){
    if($_POST['action']=="saveUser"){
        // Raw request fields. A key missing from the POST body raises an
        // undefined-index notice/warning on these reads.
        $firstname = $_POST['firstname'];
        $middlename = $_POST['middlename'];
        $lastname = $_POST['lastname'];
        $username = $_POST['username'];
        $password = $_POST['password'];
        $rpassword = $_POST['rpassword'];
        $email = $_POST['email'];
        $companyCode = $_POST['companyCode'];
        // $captcha and $regCap are read but never compared (check disabled below);
        // $error is assigned and never used.
        $captcha = $_POST['captcha-code'];
        $regCap = $_SESSION['captcha_number'];
        $error = 0;
        if($firstname=="" or $lastname=="" or $username=="" or $password=="" or $rpassword=="" or $companyCode==""){ // required-field check; $email, $middlename and $captcha are not part of it
            // A required field is blank.
            echo "empty";
        }else{
            // checkstrname() is defined elsewhere; presumably it returns "0"/0 for
            // a name with disallowed characters (verify against its definition).
            if(checkstrname($firstname)=="0" or checkstrname($lastname)=="0" or checkstrname($middlename)=="0"){
                // At least one name part was rejected.
                echo "error_name";
            }else{
                // NOTE(review): loose != compares two numeric strings as numbers
                // ("1e3" vs "1000" count as equal); prefer !== for this check.
                if($password!=$rpassword){
                    // Password and confirmation differ.
                    echo "error_pass";
                }else{
                    // Length is counted in bytes and capped at 15.
                    // NOTE(review): a 5-byte minimum is weak and the 15-byte cap
                    // rules out passphrases; the cap is unnecessary once a real
                    // password hash is used.
                    if(strlen($password)<5 || strlen($password)>15){
                        // Password length outside 5..15.
                        echo "min_max_pass";
                    }else{
                        // NOTE(review): SQL injection - $username is untrusted and placed
                        // inside the quoted literal unescaped. Bind it as a parameter.
                        // The "numrows" mode presumably returns the matching row count.
                        $numrowsUser = $db->query("SELECT * FROM tbuser where username = '$username' and is_active=1","numrows");
                        if($numrowsUser>0){
                            // An active user already has this username.
                            // NOTE(review): check-then-insert is not atomic; only a unique
                            // index on tbuser.username (not visible here) prevents duplicates
                            // under concurrent requests.
                            echo "user_taken";
                        }else{
                            // Captcha verification is disabled (commented out below).
                            //if($captcha!=$regCap){
                                //echo "Captcha code doesnt match.";
                            //}else{
                                // NOTE(review): SQL injection - same pattern with $companyCode,
                                // here and in the id lookup that follows.
                                $numrowsComp = $db->query("SELECT * FROM tbcompany where company_code = '$companyCode' and is_active=1","numrows");
                                if($numrowsComp==1){
                                    // Exactly one active company matches; fetch its id ("row" mode
                                    // presumably returns a single associative row).
                                    $companyID = $db->query("SELECT id FROM tbcompany where company_code = '$companyCode' and is_active=1","row");
                                    // NOTE(review): md5() is not a password hash - see header note.
                                    // $email is stored without any format validation in this branch.
                                    // The account is created active (is_active=1) with userlevel_id 2,
                                    // gated only by knowledge of the company code.
                                    $insert = array(
                                        "firstname"=>$firstname,
                                        "lastname"=>$lastname,
                                        "middlename"=>$middlename,
                                        "email"=>$email,
                                        "username"=>$username,
                                        "password"=>md5($password),
                                        "userlevel_id"=>2,
                                        "company_id"=>$companyID['id'],
                                        "is_active"=>1,
                                        );
                                    // NOTE(review): success is reported before the insert runs and
                                    // the insert's result is never checked.
                                    echo "true";
                                $db->insert("tbuser",$insert);
                                }else{
                                    // Zero or several active companies match the code.
                                    echo "invalid code";
                                }
                            //}
                        }
                    }
                }
            }
        }
    }elseif($_POST['action']=="saveCompany"){
        // Raw request fields for company registration.
        $companyName = $_POST['companyName'];
        $companyCode = $_POST['companyCode'];
        $contactNumber = $_POST['contactNumber'];
        // NOTE(review): htmlentities() is applied on input, so the HTML-encoded form
        // is what gets validated and stored (also as the username below). Encode at
        // output time for the relevant context instead, and store the raw value.
        $emailAddress = htmlentities($_POST['emailAddress']);
        $primaryContact = $_POST['primaryContact'];
        $companyAddress = $_POST['companyAddress'];
        // Read but unused: the captcha comparison further down is commented out.
        $captcha = $_POST['captcha-code'];
        $regCap = $_SESSION['captcha_number'];
        $password = $_POST['cpassword'];
        $confirmPassword = $_POST['confirmpassword'];
        //echo $companyName." ".$companyCode." ".$contactNumber." ".$emailAddress." ".$primaryContact." ".$companyAddress;
        // NOTE(review): SQL injection - $companyCode is interpolated unescaped, and this
        // query runs before any validation, so it executes even for requests that the
        // empty-field check below rejects.
        $numrowsComp = $db->query("SELECT * FROM tbcompany where company_code = '$companyCode' and is_active=1","numrows");
        // empty() also treats the string "0" as empty.
        if(empty($companyName) or empty($companyCode) or empty($contactNumber) or empty($emailAddress) or empty($primaryContact) or empty($companyAddress) or empty($password) or empty($confirmPassword)){
            echo "empty fields";
        }else{
            // NOTE(review): $file is never assigned in this script. Unless an including
            // file defines it, this reads an undefined variable and the branch is never
            // taken. The condition also looks inverted: a non-empty $file produces
            // "Please select a file." - confirm the intent.
            if(strlen($file)){
                echo "Please select a file.";
            }else{
                // NOTE(review): loose comparison, and unlike saveUser there is no
                // password length check in this branch.
                if($password!=$confirmPassword){
                    echo "Your Password Didn't Match.";
                }else{
                    if($numrowsComp>0){
                        // An active company already uses this code.
                        echo "invalid code";
                    }else{
                        // VerifyMailAddress() is defined elsewhere; presumably a format check.
                        if(!VerifyMailAddress($emailAddress)){
                            echo "Incorrect email format.";
                        }else{
                            // Captcha verification is disabled (commented out below).
                            //if($captcha!=$regCap){
                            //    echo "Captcha code doesnt match.";
                            //}else{
                                // $companyAddress is validated as non-empty above but is not
                                // part of the inserted row.
                                $insertComp = array(
                                            "company_name"=>$companyName,
                                            "primary_contact"=>$primaryContact,
                                            "email_address"=>$emailAddress,
                                            "contact_number"=>$contactNumber,
                                            "company_code"=>$companyCode,
                                            "is_active"=>1,
                                            );
                                // NOTE(review): "true" is echoed before either insert runs; a
                                // failure in one of them would still be reported as success.
                                echo "true";
                                // insert() presumably returns the new row id, which is used as
                                // company_id below - verify against the Database class.
                                $companyID = $db->insert("tbcompany",$insertComp);
                                
                                // Create the company's first user account in tbuser, with the
                                // e-mail address as username and userlevel_id 1.
                                // NOTE(review): md5() password storage - see header note. The two
                                // inserts are not wrapped in a transaction here, so a failure of
                                // the second leaves a company row without its user.
                                $insertUserComp = array("firstname"=>$companyName,
                                                        "username"=>$emailAddress,
                                                        "password"=>md5($password),
                                                        "company_id"=>$companyID,
                                                        "userlevel_id"=>1,
                                                        "status"=>1,
                                                        "is_active"=>1,
                                                        "role_type"=>1,
                                                        "position_id"=>1,
                                                        "email"=>$emailAddress,
                                                        "role"=>$companyName);
                                $db->insert("tbuser",$insertUserComp);
                            //}
                        }
                    }
                }
            }
            
        }
    }
}
?>